Mam Click Me a log chyba jest w porzadku. Sprawdzcie.

[Barti16]

Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.1
Scan saved at 16:07:37, on 2005-06-13
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
E:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
C:\PROGRA~1\NEOSTR~1\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Watch.exe
C:\WINDOWS\system32\cmd.exe
E:\Program Files\Programy\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Programy\Gadu-Gadu\gg.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Programy\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ada\USTAWI~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - Default URLSearchHook is missing
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteojg32.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuamkop32.exe
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FLASHGET\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\POPUPCOP\popupcop.dll/imagenew
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D4999EE-92F5-4BDE-AC1E-FFEB650C4D10}: NameServer = 81.15.178.2,194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E6C7855-5155-49DB-B077-EC3481E13758}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Usługa Auto Protect programu Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - E:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


[prog]

usunalbym to:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ada\USTAWI~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

ale poczekaj na Expertow

[MUTOPOMPKA]

DO wywalenia:

Kod: Zaznacz wszystko

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ada\USTAWI~1\Temp\se.dll/sp.html

R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteojg32.exe

O4 - HKLM\..\RunServices: [Microsoft Update] wuamkop32.exe

O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\POPUPCOP\popupcop.dll/imagenew

I ściągnij sobie nowszego IE, bo ten, co teraz masz jest "stary". Zapraszam na www.windowsupdate.com

[Tom@szek]

Po pierwsze odwiedź stronę www.windowsupdate.com w celu aktualizacji IE.
Wejdź w start-uruchom-wpisz regedit i wykonaj kopię rejestru.

To usuń:

Kod: Zaznacz wszystko

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ada\USTAWI~1\Temp\se.dll/sp.html

Kod: Zaznacz wszystko

      R3 - Default URLSearchHook is missing

Kod: Zaznacz wszystko

O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteojg32.exe

Kod: Zaznacz wszystko

   O4 - HKLM\..\RunServices: [Microsoft Update] wuamkop32.exe

Kod: Zaznacz wszystko

O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\POPUPCOP\popupcop.dll/imagenew

Reszta O.K.

usunalbym to:
Barti16 napisał:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ada\USTAWI~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

progmaniak

Ja mam taką propozycję. Jak chcesz robić porządki w kompie to rób u siebie. Nie proponuj nikomu usuwania plików jeśli nie wiesz które.

[janusz125]

Jeśli nie rozwiązaliście problemu to napiszcie